[Solved] Login problem with cache, cookies or ajax

[osdznr14mm]

Hi, I'm having a big problem with the login behavior of the shop I built with prestashop and either the cache, cookies or ajax.

 

In the front office, after I log in, in the top corner, it says "Welcome, myusername | Logout" to show that I'm logged in, but if I navigate to a page I'd already been to before I logged in, it says "Welcome | Login" as if I'm not logged in! If I refresh the page, then the top corner does update to say "Welcome myusername | Logout" as it should. Also, if I'm logged in and hit "Logout," nothing happens, but then I refresh and now it shows I'm logged out. This is highly confusing to the user, because a lot of them wouldn't think to refresh the page, and they shouldn't have to refresh it. It gives the appearance that you are not logged in, when you are.

 

I thought this was a cache problem, so I disabled caching w/ the File System and I manually deleted all the cache in the cache folders. It didn't help at all. Then I found an error message generated while I'm logged in, but then I navigate to a section with a url starts with http:

 

"XMLHttpRequest cannot load https://www.mysite.com/shop/index.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.mysite.com' is therefore not allowed access."

 

This makes me think that maybe it's not the cache, but it's a problem w/ the ajax script not working when you go from https to http? How do I fix it?

 

My top navbar uses the superfish script but so far I can't find how to change the urls to a relative path which would keep the https/http consistent. Does someone know which file controls the urls?

 

Here are my specs:

 

Prestashop 1.5.6

 

Use cache now Off (used to be File System)

Smarty cache on, recompile templates if the files have been updated

JS and CSS use CCC, HTML kept as original

 

Friendly URL Off

Accented URL No

Automatically redirect to the canonical URL Yes

Disable apache multiviews No

Disable apache mod security No

 

Shop domain www.mysite.com

SSL domain www.mysite.com

Base URI /shop/

 

SSL only on pages that need it.

 

My htaccess file has Rewrite Engine On and a lot of DEFLATE lines and leverage browsing settings. Will provide details if needed.

 

I hope someone can help me fix this. Some customers are complaining they're so frustrated with our site and that they keep getting kicked back to the login page.

 

Thank you.

 

 

Edited September 18, 2014 by osdznr14mm (see edit history)

[osdznr14mm]

After much research I finally fixed it! It was a cache issue, it was my leverage browser caching settings in my htaccess file. When I first launched the site, it was on shared hosting and was unbearably slow, so I was desperate to make it run faster. I copied this code I found online and put it in my htaccess file:

 

## leverage browser caching: ##

## EXPIRES CACHING ##

<IfModule mod_expires.c>

ExpiresActive On

ExpiresByType image/jpg "access 1 year"

ExpiresByType image/jpeg "access 1 year"

ExpiresByType image/gif "access 1 year"

ExpiresByType image/png "access 1 year"

ExpiresByType text/css "access 1 month"

ExpiresByType text/html "access 1 month"

ExpiresByType application/pdf "access 1 month"

ExpiresByType text/x-javascript "access 1 month"

ExpiresByType application/x-shockwave-flash "access 1 month"

ExpiresByType image/x-icon "access 1 year"

ExpiresDefault "access 1 month"

</IfModule>

## EXPIRES CACHING ##

 

The 'ExpiresByType text/html "access 1 month"' and the 'ExpiresDefault "access 1 month"' were the ones causing the login status not to update correctly because the site was pulling up the cached html, no matter what cache settings I had in Prestashop. I had thought to remove the "ExpiresByType text/html" line early on and nothing changed. It was the 'ExpiresDefault "access 1 month"' that I missed. 

 

This is probably an unusual situation, but I'm posting it in case anyone else has the same problem. I changed my expiration settings to be more like the ones that Prestashop writes to the htaccess file if you select "Apache Optimization" in the CCC part of the Performance section:

 

<IfModule mod_expires.c>

ExpiresActive On

ExpiresByType image/jpg "access plus 1 month"

ExpiresByType image/jpeg "access plus 1 month"

ExpiresByType image/gif "access plus 1 month"

ExpiresByType image/png "access plus 1 month"

ExpiresByType text/css "access plus 1 week"

ExpiresByType application/pdf "access plus 1 month"

ExpiresByType text/x-javascript "access plus 1 week"

ExpiresByType application/x-shockwave-flash "access plus 1 month"

ExpiresByType image/x-icon "access plus 1 year"

</IfModule>

 

I am going to mark this thread solved, even if I still haven't gotten rid of the https-http error yet, it is a separate issue.

 

Although I did not use the solution in the following thread, it helped me in a roundabout way to figure out my issue. So I'll link to it here in case it will help someone: http://www.prestashop.com/forums/topic/247284-user-info-block-caching/

 

 

[trevorgilligan]

thank you for this post i will try it. i'm having the same problem. i dont really care if it says "sign in" or "welcome firstname" , but i have stripe on quick-order. it works after the customer would hit refres or the 2nd time. the 1st time its not working and im 99% certain it is because prestashop thinks the user is not logged in, even tho they have logged in / created an account!

[trevorgilligan]

i also had modifided the htaccess, but i dont have these 2:  'ExpiresByType text/html "access 1 month"' and 'ExpiresDefault "access 1 month

here is what i have if you have a moment i would appreciate your help, if you are busy, i understand

 

<IfModule mod_expires.c>

ExpiresActive On

ExpiresByType image/gif "access plus 1 month"

ExpiresByType image/jpeg "access plus 1 month"

ExpiresByType image/png "access plus 1 month"

ExpiresByType text/css "access plus 1 week"

ExpiresByType text/javascript "access plus 1 week"

ExpiresByType application/javascript "access plus 1 week"

ExpiresByType application/x-javascript "access plus 1 week"

ExpiresByType image/x-icon "access plus 1 year"

ExpiresByType image/svg+xml "access plus 1 year"

ExpiresByType image/vnd.microsoft.icon "access plus 1 year"

ExpiresByType application/font-woff "access plus 1 year"

ExpiresByType application/x-font-woff "access plus 1 year"

ExpiresByType application/vnd.ms-fontobject "access plus 1 year"

ExpiresByType font/opentype "access plus 1 year"

ExpiresByType font/ttf "access plus 1 year"

ExpiresByType font/otf "access plus 1 year"

ExpiresByType application/x-font-ttf "access plus 1 year"

ExpiresByType application/x-font-otf "access plus 1 year"

</IfModule>

[osdznr14mm]

Hi there. Wow, I haven't worked on Prestashop for a really long time. I mean the shop I set up is still running on it fine, but I haven't had to deal with troubleshooting. I'm sorry you're dealing with the same thing. OK, I'm no expert on htaccess files & caching, but I looked over your htaccess code and would try taking out these 2 lines:

ExpiresByType text/javascript "access plus 1 week"

ExpiresByType application/javascript "access plus 1 week"

 

Those 2 are not in the Prestashop Apache Optimization htaccess rules and are the only ones that might possibly cause a problem. I'm only guessing. If that does nothing, I'd try replacing your htaccess rules with the ones Prestashop autogenerates when you check "Apache Optimization" in the caching settings. If it works, then you can try adding back in your custom rules one by one to find the culprit. What are your caching settings? Do you still have the problem if you turn caching off?

 

If none of that works, have you read the thread I linked to earlier in post #2? There might be something helpful in there. Here it is again: https://www.prestashop.com/forums/topic/247284-user-info-block-caching/